From c0fecfab47b5d5e1f576cd53c86497d51c2fb792 Mon Sep 17 00:00:00 2001 From: Charles-Antoine Mathieu Date: Sun, 27 Sep 2020 19:29:24 +0200 Subject: [PATCH] Fix typo in documentation/api.md #318 --- documentation/api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/api.md b/documentation/api.md index 0d73921b..b64eea7b 100644 --- a/documentation/api.md +++ b/documentation/api.md @@ -85,7 +85,7 @@ User authentication : The /auth API is designed for the Plik web application nevertheless if you want to automatize it be sure to provide a valid Referrer HTTP header and forward all session cookies. Plik session cookies have the "secure" flag set, so they can only be transmitted over secure HTTPS connections. - To avoid CSRF attacks the value of the plik-xsrf cookie MUST be copied in the X-XRSFToken HTTP header of each + To avoid CSRF attacks the value of the plik-xsrf cookie MUST be copied in the X-XSRFToken HTTP header of each authenticated request. Once authenticated a user can generate upload tokens. Those tokens can be used in the X-PlikToken HTTP header used to link an upload to the user account. It can be put in the ~/.plikrc file of the Plik command line client.